def process_contents(contents):
md5 = contents
if isinstance(md5, six.text_type):
md5 = md5.encode('utf-8')
md5 = hashlib.md5(md5).hexdigest()
encrypted_contents = crypto_utils.encrypt_data(
contents, Modules.ENCRYPT_KEY)
return md5, crypto_utils.encode_data(encrypted_contents)
def _build_module(self, ds_id, ds_ver_id):
module = Mock()
module.datastore_id = ds_id
module.datastore_version_id = ds_ver_id
module.contents = crypto_utils.encode_data(
crypto_utils.encrypt_data('VGhpc2lzbXlkYXRhc3RyaW5n',
'thisismylongkeytouse'))
return module
def process_contents(contents):
md5 = contents
if isinstance(md5, six.text_type):
md5 = md5.encode('utf-8')
md5 = hashlib.md5(md5).hexdigest()
encrypted_contents = crypto_utils.encrypt_data(
contents, Modules.ENCRYPT_KEY)
return md5, crypto_utils.encode_data(encrypted_contents)
def _build_module(self, ds_id, ds_ver_id):
module = Mock()
module.datastore_id = ds_id
module.datastore_version_id = ds_ver_id
module.contents = crypto_utils.encode_data(
crypto_utils.encrypt_data(
'VGhpc2lzbXlkYXRhc3RyaW5n',
'thisismylongkeytouse'))
return module
def _serialize_entity(self, ctxt, entity):
if self._key is None:
return entity
value = crypto.encode_data(
crypto.encrypt_data(
jsonutils.dumps(entity), self._key))
return jsonutils.dumps({'entity': value, 'csz-instance-id':
CONF.guest_id})
def _serialize_context(self, ctxt):
if self._key is None:
return ctxt
cstr = jsonutils.dumps(ctxt)
return {'context':
crypto.encode_data(
crypto.encrypt_data(cstr, self._key)),
'csz-instance-id': CONF.guest_id}
def _serialize_entity(self, ctxt, entity):
try:
if ctxt.instance_id is None:
return entity
except (ValueError, TypeError):
return entity
instance_key = get_instance_encryption_key(ctxt.instance_id)
estr = jsonutils.dumps(entity)
return cu.encode_data(cu.encrypt_data(estr, instance_key))
def _serialize_context(self, ctxt):
try:
if ctxt.instance_id is None:
return ctxt
except (ValueError, TypeError):
return ctxt
instance_key = get_instance_encryption_key(ctxt.instance_id)
cstr = jsonutils.dumps(ctxt)
return {'context': cu.encode_data(cu.encrypt_data(cstr, instance_key))}
def _serialize_entity(self, ctxt, entity):
try:
if ctxt.instance_id is None:
return entity
except (ValueError, TypeError):
return entity
instance_key = get_instance_encryption_key(ctxt.instance_id)
estr = jsonutils.dumps(entity)
return cu.encode_data(cu.encrypt_data(estr, instance_key))
def _serialize_context(self, ctxt):
if self._key is None:
return ctxt
cstr = jsonutils.dumps(ctxt)
return {
'context': crypto.encode_data(crypto.encrypt_data(cstr,
self._key)),
'csz-instance-id': CONF.guest_id
}
def _serialize_entity(self, ctxt, entity):
if self._key is None:
return entity
value = crypto.encode_data(
crypto.encrypt_data(jsonutils.dumps(entity), self._key))
return jsonutils.dumps({
'entity': value,
'csz-instance-id': CONF.guest_id
})
def _serialize_context(self, ctxt):
try:
if ctxt.instance_id is None:
return ctxt
except (ValueError, TypeError):
return ctxt
instance_key = get_instance_encryption_key(ctxt.instance_id)
cstr = jsonutils.dumps(ctxt)
return {'context': cu.encode_data(cu.encrypt_data(cstr,
instance_key))}
def test_encryp_decrypt(self):
key = 'my_secure_key'
for size in range(1, 100):
orig_data = os.urandom(size)
orig_encoded = crypto_utils.encode_data(orig_data)
encrypted = crypto_utils.encrypt_data(orig_encoded, key)
encoded = crypto_utils.encode_data(encrypted)
decoded = crypto_utils.decode_data(encoded)
decrypted = crypto_utils.decrypt_data(decoded, key)
final_decoded = crypto_utils.decode_data(decrypted)
self.assertEqual(orig_data, final_decoded,
"Decrypted data did not match original")
def test_encryp_decrypt(self):
key = 'my_secure_key'
for size in range(1, 100):
orig_data = Random.new().read(size)
orig_encoded = crypto_utils.encode_data(orig_data)
encrypted = crypto_utils.encrypt_data(orig_encoded, key)
encoded = crypto_utils.encode_data(encrypted)
decoded = crypto_utils.decode_data(encoded)
decrypted = crypto_utils.decrypt_data(decoded, key)
final_decoded = crypto_utils.decode_data(decrypted)
self.assertEqual(orig_data, final_decoded,
"Decrypted data did not match original")
def test_encrypt(self):
# test encrypt() with an hardcoded IV
key = 'my_secure_key'
salt = b'x' * crypto_utils.IV_BYTE_COUNT
with mock.patch('os.urandom', return_value=salt):
for orig_data, expected in (
# byte string
(b'Hello World!',
'eHh4eHh4eHh4eHh4eHh4eF5RK6VdDrAWl4Th1mNG2eps+VB2BouFRiY2Wa'
'P/RRPT'),
# Unicoded string (encoded to UTF-8)
(u'Unicode:\u20ac',
'eHh4eHh4eHh4eHh4eHh4eAMsI5YsrtMNAPJfVF0j9NegXML7OsJ0LuAy66'
'LKv5F4'),
):
orig_encoded = crypto_utils.encode_data(orig_data)
encrypted = crypto_utils.encrypt_data(orig_encoded, key)
encoded = crypto_utils.encode_data(encrypted)
self.assertEqual(expected, encoded)
def test_encrypt(self):
# test encrypt() with an hardcoded IV
key = 'my_secure_key'
salt = b'x' * crypto_utils.IV_BIT_COUNT
with mock.patch('Crypto.Random.new') as mock_random:
mock_random.return_value.read.return_value = salt
for orig_data, expected in (
# byte string
(b'Hello World!',
'eHh4eHh4eHh4eHh4eHh4eF5RK6VdDrAWl4Th1mNG2eps+VB2BouFRiY2Wa'
'P/RRPT'),
# Unicoded string (encoded to UTF-8)
(u'Unicode:\u20ac',
'eHh4eHh4eHh4eHh4eHh4eAMsI5YsrtMNAPJfVF0j9NegXML7OsJ0LuAy66'
'LKv5F4'),
):
orig_encoded = crypto_utils.encode_data(orig_data)
encrypted = crypto_utils.encrypt_data(orig_encoded, key)
encoded = crypto_utils.encode_data(encrypted)
self.assertEqual(expected, encoded)
def _serialize_entity(self, ctxt, entity):
if self._key is None:
return entity
estr = jsonutils.dumps(entity)
return cu.encode_data(cu.encrypt_data(estr, self._key))
def _serialize_context(self, ctxt):
if self._key is None:
return ctxt
cstr = jsonutils.dumps(ctxt)
return {'context': cu.encode_data(cu.encrypt_data(cstr, self._key))}
def process_contents(contents):
md5 = hashlib.md5(contents).hexdigest()
encrypted_contents = crypto_utils.encrypt_data(
contents, Modules.ENCRYPT_KEY)
return md5, crypto_utils.encode_data(encrypted_contents)
